articles/active-directory-domain-services/active-directory-ds-faqs.md
Lines changed: 7 additions & 7 deletions
@@ -14,15 +14,15 @@ ms.workload: identity
14
14
ms.tgt_pltfrm: na
15
15
ms.devlang: na
16
16
ms.topic: article
17
-
ms.date: 05/23/2018
17
+
ms.date: 05/30/2018
18
18
ms.author: maheshu
19
19
20
20
---
21
21
# Azure Active Directory Domain Services: Frequently Asked Questions (FAQs)
22
22
This page answers frequently asked questions about the Azure Active Directory Domain Services. Keep checking back for updates.
23
23
24
24
## Troubleshooting guide
25
-
Refer to the [Troubleshooting guide](active-directory-ds-troubleshooting.md) for solutions to common issues encountered when configuring or administering Azure AD Domain Services.
25
+
Refer to the [Troubleshooting guide](active-directory-ds-troubleshooting.md) for solutions to common issues with configuring or administering Azure AD Domain Services.
26
26
27
27
## Configuration
28
28
### Can I create multiple managed domains for a single Azure AD directory?
@@ -46,14 +46,14 @@ The service itself does not directly support this scenario. Your managed domain
46
46
### Can I enable Azure AD Domain Services using PowerShell?
47
47
Yes. See [how to enable Azure AD Domain Services using PowerShell](active-directory-ds-enable-using-powershell.md).
48
48
49
-
### Can I enable Azure AD Domain Services using a Resource Manager template?
49
+
### Can I enable Azure AD Domain Services using a Resource Manager Template?
50
50
Yes. See [how to enable Azure AD Domain Services using PowerShell](active-directory-ds-enable-using-powershell.md).
51
51
52
52
### Can I add domain controllers to an Azure AD Domain Services managed domain?
53
53
No. The domain provided by Azure AD Domain Services is a managed domain. You do not need to provision, configure, or otherwise manage domain controllers for this domain - these management activities are provided as a service by Microsoft. Therefore, you cannot add additional domain controllers (read-write or read-only) for the managed domain.
54
54
55
55
### Can guest users invited to my directory use Azure AD Domain Services?
56
-
No. Guest users invited to your Azure AD directory using the [Azure AD B2B](../active-directory/active-directory-b2b-what-is-azure-ad-b2b.md) invite process are sycned into your Azure AD Domain Services managed domain. However, passwords for these users are not stored in your Azure AD directory. Therefore, Azure AD Domain Services has no way to sync NTLM and Kerberos hashes for these users into your managed domain. As a result, such users cannot login to the managed domain or join computers to the managed domain.
56
+
No. Guest users invited to your Azure AD directory using the [Azure AD B2B](../active-directory/active-directory-b2b-what-is-azure-ad-b2b.md) invite process are synchronized into your Azure AD Domain Services managed domain. However, passwords for these users are not stored in your Azure AD directory. Therefore, Azure AD Domain Services has no way to sync NTLM and Kerberos hashes for these users into your managed domain. As a result, such users cannot log in to the managed domain or join computers to the managed domain.
57
57
58
58
## Administration and Operations
59
59
### Can I connect to the domain controller for my managed domain using Remote Desktop?
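Review bot: The answer on line 50, under the heading this hunk changes on line 49, still links to the PowerShell article, `[how to enable Azure AD Domain Services using PowerShell](active-directory-ds-enable-using-powershell.md)`, which is the same text as the PowerShell answer on line 47. Since the hunk already touches this question, point the answer at the Resource Manager template article instead, or drop the question until such an article exists. The capital 'T' in 'Resource Manager Template' is also inconsistent with the sentence-case headings around it.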
@@ -63,13 +63,13 @@ No. You do not have permissions to connect to domain controllers for the managed
63
63
Members of the administrative group ‘AAD DC Administrators’ can domain-join machines. Additionally, members of this group are granted remote desktop access to machines that have been joined to the domain.
64
64
65
65
### Do I have domain administrator privileges for the managed domain provided by Azure AD Domain Services?
66
-
No. You are not granted administrative privileges on the managed domain. Both ‘Domain Administrator’ and ‘Enterprise Administrator’ privileges are not available for you to use within the domain. Existing domain administrator or enterprise administrator groups within your Azure AD directory are also not granted domain/enterprise administrator privileges on the domain.
66
+
No. You are not granted administrative privileges on the managed domain. Both ‘Domain Administrator’ and ‘Enterprise Administrator’ privileges are not available for you to use within the domain. Members of the domain administrator or enterprise administrator groups in your on-premises Active Directory are also not granted domain/enterprise administrator privileges on the managed domain.
67
67
68
68
### Can I modify group memberships using LDAP or other AD administrative tools on managed domains?
69
69
No. Group memberships cannot be modified on domains serviced by Azure AD Domain Services. The same applies for user attributes. You may however change group memberships or user attributes either in Azure AD or on your on-premises domain. Such changes are automatically synchronized to Azure AD Domain Services.
70
70
71
71
### How long does it take for changes I make to my Azure AD directory to be visible in my managed domain?
72
-
Changes made in your Azure AD directory using either the Azure AD UI or PowerShell are synchronized to your managed domain. This synchronization process runs in the background. After the one-time initial synchronization of your directory is complete, it typically takes about 20 minutes for changes made in Azure AD to be reflected in your managed domain.
72
+
Changes made in your Azure AD directory using either the Azure AD UI or PowerShell are synchronized to your managed domain. This synchronization process runs in the background. Once initial synchronization is complete, it typically takes about 20 minutes for changes made in Azure AD to be reflected in your managed domain.
73
73
74
74
### Can I extend the schema of the managed domain provided by Azure AD Domain Services?
75
75
No. The schema is administered by Microsoft for the managed domain. Schema extensions are not supported by Azure AD Domain Services.
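Review bot: On new line 66 the rewritten last sentence covers only groups 'in your on-premises Active Directory' and drops the previous statement about groups 'within your Azure AD directory', so the answer no longer says anything about groups on the Azure AD side. This is a privilege-boundary statement and readers will treat an omission as meaningful; if both cases hold, keep both in the sentence. Minor points: 'Both ... are not available' reads better as 'Neither ... is available', and on line 72 'Once initial synchronization is complete' loses the 'one-time' qualifier from the old text.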
@@ -81,7 +81,7 @@ Yes. Members of the 'AAD DC Administrators' group are granted 'DNS Administrator
81
81
The default password lifetime on an Azure AD Domain Services managed domain is 90 days. This password lifetime is not synchronized with the password lifetime configured in Azure AD. Therefore, you may have a situation where users' passwords expire in your managed domain, but are still valid in Azure AD. In such scenarios, users need to change their password in Azure AD and the new password will synchronize to your managed domain. Additionally, the 'password-does-not-expire' and 'user-must-change-password-at-next-logon' attributes for user accounts are not synchronized to your managed domain.
82
82
83
83
### Does Azure AD Domain Services provide AD account lockout protection?
84
-
Yes. 4 invalid password attempts within 2 minutes on the managed domain cause a user account to be locked out for 30 minutes. After 30 minutes, the user account is automatically unlocked. Invalid password attempts on the managed domain do not lock out the user account in Azure AD. The user account is locked out only within your Azure AD Domain Services managed domain.
84
+
Yes. Five invalid password attempts within 2 minutes on the managed domain cause a user account to be locked out for 30 minutes. After 30 minutes, the user account is automatically unlocked. Invalid password attempts on the managed domain do not lock out the user account in Azure AD. The user account is locked out only within your Azure AD Domain Services managed domain.
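Review bot: Line 84 changes the lockout threshold from 4 to five invalid attempts, which alters a documented security control rather than fixing wording, and nothing in the visible change says why. Call it out separately from the editorial edits so a reviewer can confirm it against the policy the service actually enforces. Consider writing '5' as a digit as well, to match '2 minutes' and '30 minutes' in the same sentence.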
articles/active-directory-domain-services/active-directory-ds-features.md
Lines changed: 5 additions & 5 deletions
@@ -14,27 +14,27 @@ ms.workload: identity
14
14
ms.tgt_pltfrm: na
15
15
ms.devlang: na
16
16
ms.topic: article
17
-
ms.date: 05/23/2018
17
+
ms.date: 05/30/2018
18
18
ms.author: maheshu
19
19
20
20
---
21
21
# Azure AD Domain Services
22
22
## Features
23
23
The following features are available in Azure AD Domain Services managed domains.
24
24
25
-
***Simple deployment experience:** You can enable Azure AD Domain Services for your Azure AD tenant using just a few clicks. Regardless of whether your Azure AD tenant is a cloud-tenant or synchronized with your on-premises directory, your managed domain can be provisioned quickly.
25
+
***Simple deployment experience:** You can enable Azure AD Domain Services for your Azure AD directory using just a few clicks. Your managed domain includes cloud-only user accounts and user accounts synchronized from an on-premises directory.
26
26
***Support for domain-join:** You can easily domain-join computers in the Azure virtual network your managed domain is available in. The domain-join experience on Windows client and Server operating systems works seamlessly against domains serviced by Azure AD Domain Services. You can also use automated domain join tooling against such domains.
27
27
***One domain instance per Azure AD directory:** You can create a single Active Directory domain for each Azure AD directory.
28
28
***Create domains with custom names:** You can create domains with custom names (for example, 'contoso100.com') using Azure AD Domain Services. You can use either verified or unverified domain names. Optionally, you can also create a domain with the built-in domain suffix (that is, '*.onmicrosoft.com') offered by your Azure AD directory.
29
29
***Integrated with Azure AD:** You do not need to configure or manage replication to Azure AD Domain Services. User accounts, group memberships, and user credentials (passwords) from your Azure AD directory are automatically available in Azure AD Domain Services. New users, groups, or changes to attributes from your Azure AD tenant or your on-premises directory are automatically synchronized to Azure AD Domain Services.
30
-
***NTLM and Kerberos authentication:** With support for NTLM and Kerberos authentication, you can deploy applications that rely on WindowsIntegrated Authentication.
30
+
***NTLM and Kerberos authentication:** With support for NTLM and Kerberos authentication, you can deploy applications that rely on Windows-Integrated Authentication.
31
31
***Use your corporate credentials/passwords:** Passwords for users in your Azure AD tenant work with Azure AD Domain Services. Users can use their corporate credentials to domain-join machines, log in interactively or over remote desktop, and authenticate against the managed domain.
32
32
***LDAP bind & LDAP read support:** You can use applications that rely on LDAP binds to authenticate users in domains serviced by Azure AD Domain Services. Additionally, applications that use LDAP read operations to query user/computer attributes from the directory can also work against Azure AD Domain Services.
33
33
***Secure LDAP (LDAPS):** You can enable access to the directory over secure LDAP (LDAPS). Secure LDAP access is available within the virtual network by default. However, you can also optionally enable secure LDAP access over the internet.
34
34
***Group Policy:** You can use a single built-in GPO each for the users and computers containers to enforce compliance with required security policies for user accounts and domain-joined computers. You can also create your own custom GPOs and assign them to custom organizational units to [manage group policy](active-directory-ds-admin-guide-administer-group-policy.md).
35
35
***Manage DNS:** Members of the 'AAD DC Administrators' group can manage DNS for your managed domain using familiar DNS administration tools such as the DNS Administration MMC snap-in.
36
36
***Create custom Organizational Units (OUs):** Members of the 'AAD DC Administrators' group can create custom OUs in the managed domain. These users are granted full administrative privileges over custom OUs, so they can add/remove service accounts, computers, groups etc. within these custom OUs.
37
-
***Available in multiple Azure regions:** See the [Azure services by region](https://azure.microsoft.com/regions/#services/) page to know the Azure regions in which Azure AD Domain Services is available.
37
+
***Available in many Azure global regions:** See the [Azure services by region](https://azure.microsoft.com/regions/#services/) page to know the Azure regions in which Azure AD Domain Services is available.
38
38
***High availability:** Azure AD Domain Services offers high availability for your domain. This feature offers the guarantee of higher service uptime and resilience to failures. Built-in health monitoring offers automated remediation from failures by spinning up new instances to replace failed instances and to provide continued service for your domain.
39
-
***AD Account lockout protection:** Users accounts are locked out for 30 minutes if 4 invalid password attempts are encountered within 2 minutes. Accounts are automatically unlocked after 30 minutes.
39
+
***AD Account lockout protection:** Users accounts are locked out for 30 minutes if five invalid passwords are used within 2 minutes. Accounts are automatically unlocked after 30 minutes.
40
40
***Use familiar management tools:** You can use familiar Windows Server Active Directory management tools such as the Active Directory Administrative Center or Active Directory PowerShell to administer managed domains.
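Review bot: The rewritten lockout bullet on line 39 keeps the typo 'Users accounts'; it should read 'User accounts are locked out ...'. The threshold moves from 4 to five here in step with the FAQ edit, which keeps the two files consistent, but 'five invalid passwords are used' differs from the FAQ's 'invalid password attempts'; reuse the FAQ wording so both pages describe the same event. On line 37, 'Available in many Azure global regions' is awkward next to the link text 'Azure services by region'; 'Available in many Azure regions' says the same thing.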
articles/active-directory-domain-services/active-directory-ds-getting-started-dns.md
Lines changed: 7 additions & 1 deletion
@@ -14,7 +14,7 @@ ms.workload: identity
14
14
ms.tgt_pltfrm: na
15
15
ms.devlang: na
16
16
ms.topic: get-started-article
17
-
ms.date: 05/23/2018
17
+
ms.date: 05/30/2018
18
18
ms.author: maheshu
19
19
20
20
---
@@ -25,10 +25,16 @@ In the preceding configuration tasks, you have successfully enabled Azure Active
25
25
26
26
To update the DNS server settings for the virtual network in which you have enabled Azure Active Directory Domain Services, complete the following steps:
27
27
28
+
28
29
1. The **Overview** tab lists a set of **Required configuration steps** to be performed after your managed domain is fully provisioned. The first configuration step is **Update DNS server settings for your virtual network**.
> Dont see this configuration step? If the DNS server settings for your virtual network are up to date, you will not see the 'Update DNS server settings for your virtual network' tile on the Overview tab.
35
+
>
36
+
>
37
+
32
38
2. Click the **Configure** button to update the DNS server settings for the virtual network.
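Review bot: Added lines 35 and 36 are bare `>` markers with no text after them, followed by an added blank line 37, so the hunk extends the note block without adding any content to it. If the intent is only to separate the note from step 2, one blank line is enough; if note text was meant to go there, it is missing. The note itself also reads 'Dont see this configuration step?' without the apostrophe.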
@@ -93,7 +93,7 @@ if ($oauth.access_token -ne $null) {
93
93
### Executing the PowerShell script
94
94
Once you finish editing the script, run it and verify that the expected data from the Audit logs report is returned.
95
95
96
-
The script returns output from the audit report in JSON format. It also creates an `audit.json` file with the same output. You can experiment by modifying the script to return data from other reports, and comment out the output formats that you do not need.
96
+
The script returns output from the audit report in JSON format. It also creates an `Audits.json` file with the same output. You can experiment by modifying the script to return data from other reports, and comment out the output formats that you do not need.
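Review bot: Line 96 renames the output file to `Audits.json`, but only the prose is visible in this hunk; check that the script earlier in the article writes the same file name, otherwise the article contradicts its own sample. Because this file holds the audit report output for the tenant, a sentence here telling readers to store it with restricted access or delete it after use would be a useful addition.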
articles/active-directory/active-directory-reporting-api-sign-in-activity-samples.md
Lines changed: 2 additions & 2 deletions
@@ -14,7 +14,7 @@ ms.topic: article
14
14
ms.tgt_pltfrm: na
15
15
ms.workload: identity
16
16
ms.component: compliance-reports
17
-
ms.date: 05/21/2018
17
+
ms.date: 05/30/2018
18
18
ms.author: dhanyahk;rolyon
19
19
ms.reviewer: dhanyahk
20
20
@@ -90,7 +90,7 @@ if ($oauth.access_token -ne $null) {
90
90
## Executing the script
91
91
Once you finish editing the script, run it and verify that the expected data from the Audit logs report is returned.
92
92
93
-
The script returns output from the sign-in report in JSON format. It also creates an `SigninActivities.json` file with the same output. You can experiment by modifying the script to return data from other reports, and comment out the output formats that you do not need.
93
+
The script returns output from the sign-in report in JSON format. It also creates an `SignIns.json` file with the same output. You can experiment by modifying the script to return data from other reports, and comment out the output formats that you do not need.
94
94
95
95
## Next Steps
96
96
* Would you like to customize the samples in this article? Check out the [Azure Active Directory sign-in activity API reference](https://developer.microsoft.com/graph/docs/api-reference/beta/resources/signin).
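Review bot: Context line 91 in this sign-in article still tells the reader to verify 'the expected data from the Audit logs report', which reads as copied from the audit sample; it should refer to the sign-in report, and this hunk is the natural place to fix it. On the changed line 93, 'an `SignIns.json` file' should be 'a `SignIns.json` file'. As with the audit sample, confirm that the script writes the renamed file.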